碼上歡樂
相關內容    簡體    繁體

SQL2000數據庫密碼被替換,重置密碼提示未能找到存儲過程sp_password解決方案

本文轉載自   查看原文   2014-11-21 14:35   3817    數據庫

利用windows身份驗證進入查詢分析器后在master數據庫下運行如下腳本:

 1 create procedure sp_password
 2 @old sysname = NULL, -- the old (current) password
 3 @new sysname, -- the new password
 4 @loginame sysname = NULL -- user to change password on
 5 as
 6 -- SETUP RUNTIME OPTIONS / DECLARE VARIABLES --
 7 set nocount on
 8 declare @self int
 9 select @self = CASE WHEN @loginame is null THEN 1 ELSE 2 END
10 
11 -- RESOLVE LOGIN NAME
12 if @loginame is null
13 select @loginame = suser_sname()
14 
15 -- CHECK PERMISSIONS (SecurityAdmin per Richard Waymire) --
16 IF (not is_srvrolemember('securityadmin') = 1)
17 AND not @self = 1
18 begin
19 dbcc auditevent (107, @self, 0, @loginame, NULL, NULL, NULL)
20 raiserror(15210,-1,-1)
21 return (1)
22 end
23 ELSE
24 begin
25 dbcc auditevent (107, @self, 1, @loginame, NULL, NULL, NULL)
26 end
27 
28 -- DISALLOW USER TRANSACTION --
29 set implicit_transactions off
30 IF (@@trancount > 0)
31 begin
32 raiserror(15002,-1,-1,'sp_password')
33 return (1)
34 end
35 
36 -- RESOLVE LOGIN NAME (disallows nt names)
37 if not exists (select * from master.dbo.syslogins where
38 loginname = @loginame and isntname = 0)
39 begin
40 raiserror(15007,-1,-1,@loginame)
41 return (1)
42 end
43 
44 -- IF non-SYSADMIN ATTEMPTING CHANGE TO SYSADMIN, REQUIRE PASSWORD (218078) --
45 if (@self <> 1 AND is_srvrolemember('sysadmin') = 0 AND exists
46 (SELECT * FROM master.dbo.syslogins WHERE loginname = @loginame and isntname = 0
47 AND sysadmin = 1) )
48 SELECT @self = 1
49 
50 -- CHECK OLD PASSWORD IF NEEDED --
51 if (@self = 1 or @old is not null)
52 if not exists (select * from master.dbo.sysxlogins
53 where srvid IS NULL and
54 name = @loginame and
55 ( (@old is null and password is null) or
56 (pwdcompare(@old, password, (CASE WHEN xstatus&2048 = 2048 THEN 1 ELSE 0 END)) = 1) ) )
57 begin
58 raiserror(15211,-1,-1)
59 return (1)
60 end
61 
62 -- CHANGE THE PASSWORD --
63 update master.dbo.sysxlogins
64 set password = convert(varbinary(256), pwdencrypt(@new)), xdate2 = getdate(), xstatus = xstatus & (~2048)
65 where name = @loginame and srvid IS NULL
66 
67 -- UPDATE PROTECTION TIMESTAMP FOR MASTER DB, TO INDICATE SYSLOGINS CHANGE --
68 exec('use master grant all to null')
69 
70 -- FINALIZATION: RETURN SUCCESS/FAILURE --
71 if @@error <> 0
72 return (1)
73 raiserror(15478,-1,-1)
74 return (0) -- sp_password
View Code

命令執行成功后,sa的密碼是null,可以去企業管理器-安全-sa -寫入新密碼;

這次被病毒入侵是因為sa的密碼太過簡單 123456類似,引以為戒!

 


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 SQL2000下修復某數據庫的經歷 Sql server數據庫修改存儲過程 sql 2000 無法連接遠程數據庫 sqlserver不存在或訪問被拒絕 解決方案 數據庫-存儲過程 淺談數據庫之存儲過程 數據庫的存儲過程機制 SQL Server 使用游標更新數據庫中的數據(使用存儲過程) SQL2000 \2005\2008\2008r2\2012各個版本resource數據庫存放位置 MySQL數據庫之存儲過程與存儲函數 安裝Sql Server 2000時提示“安裝Sql掛起”的解決方案
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM